ThreatCheck and Ghidra to analyze & modify a Beacon payload generated from Cobalt Strike. This post demonstrates that complex manipulations are not required to bypass static signatures & why defenders should not soley rely them to detect « well known » tooling #online #threats #tools #informatique

[ https://offensivedefence.co.uk/posts/threatcheck-ghidra/ ]